summaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2010-03-04 08:15:33 -0800
committerLinus Torvalds <torvalds@linux-foundation.org>2010-03-04 08:15:33 -0800
commit0f2cc4ecd81dc1917a041dc93db0ada28f8356fa (patch)
treef128b50f48f50f0cda6d2b20b53e9ad6e2dfded3 /security
parent1fae4cfb97302289bb5df6a8195eb28385d0b002 (diff)
parent9643f5d94aadd47a5fa9754fb60f2c957de05903 (diff)
downloadlwn-0f2cc4ecd81dc1917a041dc93db0ada28f8356fa.tar.gz
lwn-0f2cc4ecd81dc1917a041dc93db0ada28f8356fa.zip
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6: (52 commits) init: Open /dev/console from rootfs mqueue: fix typo "failues" -> "failures" mqueue: only set error codes if they are really necessary mqueue: simplify do_open() error handling mqueue: apply mathematics distributivity on mq_bytes calculation mqueue: remove unneeded info->messages initialization mqueue: fix mq_open() file descriptor leak on user-space processes fix race in d_splice_alias() set S_DEAD on unlink() and non-directory rename() victims vfs: add NOFOLLOW flag to umount(2) get rid of ->mnt_parent in tomoyo/realpath hppfs can use existing proc_mnt, no need for do_kern_mount() in there Mirror MS_KERNMOUNT in ->mnt_flags get rid of useless vfsmount_lock use in put_mnt_ns() Take vfsmount_lock to fs/internal.h get rid of insanity with namespace roots in tomoyo take check for new events in namespace (guts of mounts_poll()) to namespace.c Don't mess with generic_permission() under ->d_lock in hpfs sanitize const/signedness for udf nilfs: sanitize const/signedness in dealing with ->d_name.name ... Fix up fairly trivial (famous last words...) conflicts in drivers/infiniband/core/uverbs_main.c and security/tomoyo/realpath.c
Diffstat (limited to 'security')
-rw-r--r--security/smack/smack_lsm.c2
-rw-r--r--security/tomoyo/realpath.c23
2 files changed, 5 insertions, 20 deletions
diff --git a/security/smack/smack_lsm.c b/security/smack/smack_lsm.c
index a5721b373f53..5225e668dbf0 100644
--- a/security/smack/smack_lsm.c
+++ b/security/smack/smack_lsm.c
@@ -387,7 +387,7 @@ static int smack_sb_umount(struct vfsmount *mnt, int flags)
struct smk_audit_info ad;
smk_ad_init(&ad, __func__, LSM_AUDIT_DATA_FS);
- smk_ad_setfield_u_fs_path_dentry(&ad, mnt->mnt_mountpoint);
+ smk_ad_setfield_u_fs_path_dentry(&ad, mnt->mnt_root);
smk_ad_setfield_u_fs_path_mnt(&ad, mnt);
sbp = mnt->mnt_sb->s_security;
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index c00df45c7ede..cf7d61f781b9 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -88,29 +88,14 @@ int tomoyo_realpath_from_path2(struct path *path, char *newname,
sp = dentry->d_op->d_dname(dentry, newname + offset,
newname_len - offset);
} else {
- /* Taken from d_namespace_path(). */
- struct path root;
- struct path ns_root = { };
- struct path tmp;
+ struct path ns_root = {.mnt = NULL, .dentry = NULL};
- read_lock(&current->fs->lock);
- root = current->fs->root;
- path_get(&root);
- read_unlock(&current->fs->lock);
- spin_lock(&vfsmount_lock);
- if (root.mnt && root.mnt->mnt_ns)
- ns_root.mnt = mntget(root.mnt->mnt_ns->root);
- if (ns_root.mnt)
- ns_root.dentry = dget(ns_root.mnt->mnt_root);
- spin_unlock(&vfsmount_lock);
spin_lock(&dcache_lock);
- tmp = ns_root;
- sp = __d_path(path, &tmp, newname, newname_len);
+ /* go to whatever namespace root we are under */
+ sp = __d_path(path, &ns_root, newname, newname_len);
spin_unlock(&dcache_lock);
- path_put(&root);
- path_put(&ns_root);
/* Prepend "/proc" prefix if using internal proc vfs mount. */
- if (!IS_ERR(sp) && (path->mnt->mnt_parent == path->mnt) &&
+ if (!IS_ERR(sp) && (path->mnt->mnt_flags & MNT_INTERNAL) &&
(path->mnt->mnt_sb->s_magic == PROC_SUPER_MAGIC)) {
sp -= 5;
if (sp >= newname)